In this episode, we break down the most urgent cybersecurity developments from late April 2025—including the Lazarus Group’s high-profile “Operation SyncHole” targeting South Korean industries. Discover how attackers are exploiting newly disclosed vulnerabilities faster than ever, with nearly 1 in 3 CVEs weaponized within 24 hours of publication.

We dive deep into the Lazarus Group's tactics, including watering hole attacks, one-day and potential zero-day vulnerabilities in tools like Innorix Agent and Cross EX, and their deployment of advanced malware families like ThreatNeedle and AGAMEMNON.

But that’s not all—we also cover:

• The evolution of phishing-as-a-service with generative AI (Darcula and Gamma AI),
• The increasing exploitation of browsers as attack surfaces,
• A Linux rootkit that avoids detection by bypassing system calls,
• Nation-state cyber activity from Russia, China, Iran, and North Korea,
• And the silent crisis looming over the CVE program’s future funding.

Plus, we explore the growing importance of non-human identities (NHIs) in security strategies, and the ongoing risks in software supply chains—from malicious npm packages to cryptocurrency library compromises.

If you're a cybersecurity professional or threat analyst, this is your essential 30-minute intel download.